paper-index
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE, NO_CODE, PROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill consists entirely of natural language instructions and does not include any scripts, executable code, or external software dependencies.
- [PROMPT_INJECTION]: The skill is designed to process paper metadata, which presents a surface for indirect prompt injection. However, this is inherent to its primary purpose and is documented as a safety consideration rather than a malicious finding.
- Ingestion points: Scans .md files in $OBSIDIAN_VAULT/papers/ to read YAML frontmatter.
- Boundary markers: No specific boundary markers or instructions to ignore embedded content are used when reading note metadata.
- Capability inventory: Access to read and write within the local Obsidian vault directory.
- Sanitization: No explicit sanitization of input metadata is described before updating the index file.
- [SAFE]: There are no indicators of credential theft, remote code execution, or unauthorized network communication.
Audit Metadata